Show patches with: none      |   15568 patches
« 1 2 ... 3 4 5155 156 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,v15,03/21] ipe: add evaluation loop Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,02/21] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[RFC,v15,01/21] security: add ipe lsm Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-16 Fan Wu pcmoore Changes Requested
[11/11] sysctl: treewide: constify the ctl_table argument of handlers sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[10/11] sysctl: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[09/11] ipvs: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[08/11] ipv6/ndisc: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[07/11] ipv6/addrconf: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[06/11] ipv4/sysctl: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[05/11] neighbour: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[04/11] utsname: constify ctl_table arguments of utility function sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[03/11] hugetlb: constify ctl_table arguments of utility functions sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[02/11] cgroup: bpf: constify ctl_table arguments and fields sysctl: treewide: constify ctl_table argument of sysctl handlers - - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[01/11] stackleak: don't modify ctl_table argument sysctl: treewide: constify ctl_table argument of sysctl handlers 1 - - --- 2024-03-15 Thomas Weißschuh pcmoore Handled Elsewhere
[RFC,1/2] lsm: introduce new hook security_vm_execstack [RFC,1/2] lsm: introduce new hook security_vm_execstack - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[RFC,2/2] selinux: wire up new execstack LSM hook [RFC,1/2] lsm: introduce new hook security_vm_execstack - - - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[RFC] fs: Add an use vfs_get_ioctl_handler() [RFC] fs: Add an use vfs_get_ioctl_handler() - - - --- 2024-03-15 Mickaël Salaün pcmoore RFC
[1/2] yama: document function parameter [1/2] yama: document function parameter - 3 - --- 2024-03-15 Christian Göttsche pcmoore Under Review
[2/2] apparmor: fix typo in kernel doc [1/2] yama: document function parameter - 1 - --- 2024-03-15 Christian Göttsche Handled Elsewhere
[10/10] coccinelle: add script for capable_any() [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - - - --- 2024-03-15 Christian Göttsche pcmoore New
[09/10] bpf: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore New
[08/10] net: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore New
[07/10] kernel: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 2 - --- 2024-03-15 Christian Göttsche pcmoore New
[06/10] fs: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore New
[05/10] drivers: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 2 - - --- 2024-03-15 Christian Göttsche pcmoore New
[04/10] block: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - - - --- 2024-03-15 Christian Göttsche pcmoore New
[03/10] capability: use new capable_any functionality [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY 1 - - --- 2024-03-15 Christian Göttsche pcmoore New
[02/10] capability: add any wrappers to test for multiple caps with exactly one audit message [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore New
[01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY [01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY - 1 - --- 2024-03-15 Christian Göttsche pcmoore New
[GIT,PULL] lsm/lsm-pr-20240314 [GIT,PULL] lsm/lsm-pr-20240314 - - - --- 2024-03-14 Paul Moore pcmoore Accepted
lsm: handle the NULL buffer case in lsm_fill_user_ctx() lsm: handle the NULL buffer case in lsm_fill_user_ctx() 1 - - --- 2024-03-14 Paul Moore pcmoore Accepted
[v3] LSM: use 32 bit compatible data types in LSM syscalls. [v3] LSM: use 32 bit compatible data types in LSM syscalls. - - - --- 2024-03-13 Casey Schaufler pcmoore Accepted
[GIT,PULL] Landlock updates for v6.9 [GIT,PULL] Landlock updates for v6.9 - - - --- 2024-03-13 Mickaël Salaün pcmoore Handled Elsewhere
[v2] LSM: use 32 bit compatible data types in LSM syscalls. [v2] LSM: use 32 bit compatible data types in LSM syscalls. - - - --- 2024-03-13 Casey Schaufler pcmoore Changes Requested
[GIT,PULL] lsm/lsm-pr-20240312 [GIT,PULL] lsm/lsm-pr-20240312 - - - --- 2024-03-12 Paul Moore pcmoore Accepted
[GIT,PULL] selinux/selinux-pr-20240312 [GIT,PULL] selinux/selinux-pr-20240312 - - - --- 2024-03-12 Paul Moore pcmoore Handled Elsewhere
LSM: use 32 bit compatible data types in LSM syscalls. LSM: use 32 bit compatible data types in LSM syscalls. - - - --- 2024-03-12 Casey Schaufler pcmoore Changes Requested
[GIT,PULL] Smack patches for 6.9 [GIT,PULL] Smack patches for 6.9 - - - --- 2024-03-11 Casey Schaufler pcmoore Handled Elsewhere
[RFC,8/8] clavis: Introduce new LSM called clavis Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,7/8] clavis: Introduce a new key type called clavis_key_acl Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,6/8] keys: Add ability to track intended usage of the public key Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,5/8] keys: Add new verification type (VERIFYING_CLAVIS_SIGNATURE) Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,4/8] clavis: Prevent clavis boot param from changing during kexec Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,3/8] efi: Make clavis boot param persist across kexec Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,2/8] clavis: Introduce a new system keyring called clavis Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[RFC,1/8] certs: Introduce ability to link to a system key Clavis LSM - - - --- 2024-03-11 Eric Snowberg pcmoore New
[v10,9/9] landlock: Document IOCTL support Landlock: IOCTL support - - - --- 2024-03-09 Günther Noack pcmoore Handled Elsewhere
[v10,8/9] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV Landlock: IOCTL support - - - --- 2024-03-09 Günther Noack pcmoore Handled Elsewhere
[v10,7/9] selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets Landlock: IOCTL support - - - --- 2024-03-09 Günther Noack pcmoore Handled Elsewhere
[v10,6/9] selftests/landlock: Test IOCTLs on named pipes Landlock: IOCTL support - - - --- 2024-03-09 Günther Noack pcmoore Handled Elsewhere
[v10,5/9] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Landlock: IOCTL support - - - --- 2024-03-09 Günther Noack pcmoore Handled Elsewhere
[v10,4/9] selftests/landlock: Test IOCTL with memfds Landlock: IOCTL support - - - --- 2024-03-09 Günther Noack pcmoore Handled Elsewhere
[v10,3/9] selftests/landlock: Test IOCTL support Landlock: IOCTL support - - - --- 2024-03-09 Günther Noack pcmoore Handled Elsewhere
[v10,2/9] landlock: Add IOCTL access right for character and block devices Landlock: IOCTL support - - - --- 2024-03-09 Günther Noack pcmoore Handled Elsewhere
[v10,1/9] security: Create security_file_vfs_ioctl hook Landlock: IOCTL support - - - --- 2024-03-09 Günther Noack pcmoore Rejected
[v6,6/6] docs: trusted-encrypted: add DCP as new trust source DCP as trusted keys backend - - - --- 2024-03-07 David Gstir Handled Elsewhere
[v6,5/6] docs: document DCP-backed trusted keys kernel params DCP as trusted keys backend - - - --- 2024-03-07 David Gstir Handled Elsewhere
[v6,4/6] MAINTAINERS: add entry for DCP-based trusted keys DCP as trusted keys backend 1 - - --- 2024-03-07 David Gstir Handled Elsewhere
[v6,3/6] KEYS: trusted: Introduce NXP DCP-backed trusted keys DCP as trusted keys backend - 1 - --- 2024-03-07 David Gstir Handled Elsewhere
[v6,2/6] KEYS: trusted: improve scalability of trust source config DCP as trusted keys backend - - - --- 2024-03-07 David Gstir Handled Elsewhere
[v6,1/6] crypto: mxs-dcp: Add support for hardware-bound keys DCP as trusted keys backend 1 1 - --- 2024-03-07 David Gstir Handled Elsewhere
samples/landlock: Don't error out if a file path cannot be opened samples/landlock: Don't error out if a file path cannot be opened - 1 - --- 2024-03-07 Mickaël Salaün Handled Elsewhere
evm: Change vfs_getxattr() with __vfs_getxattr() in evm_calc_hmac_or_hash() evm: Change vfs_getxattr() with __vfs_getxattr() in evm_calc_hmac_or_hash() - - - --- 2024-03-07 Roberto Sassu Handled Elsewhere
landlock: Use f_cred in security_file_open() hook landlock: Use f_cred in security_file_open() hook - 1 - --- 2024-03-07 Mickaël Salaün Handled Elsewhere
[2/2] landlock: Rename "ptrace" files to "task" [1/2] landlock: Simplify current_check_access_socket() - - - --- 2024-03-07 Mickaël Salaün Handled Elsewhere
[1/2] landlock: Simplify current_check_access_socket() [1/2] landlock: Simplify current_check_access_socket() - - - --- 2024-03-07 Mickaël Salaün Handled Elsewhere
[RFC,v14,19/19] documentation: add ipe documentation Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,18/19] ipe: kunit test for parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,17/19] scripts: add boot policy generation program Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,16/19] ipe: enable support for fs-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,15/19] fsverity: consume builtin signature via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,14/19] ipe: add support for dm-verity as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,13/19] dm verity: consume root hash digest and signature data via LSM hook Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,12/19] dm: add finalize hook to target_type Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,11/19] block|security: add LSM blob to block_device Integrity Policy Enforcement LSM (IPE) - 1 - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,10/19] ipe: add permissive toggle Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,09/19] uapi|audit|ipe: add ipe auditing support Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,08/19] ipe: add userspace interface Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,07/19] security: add new securityfs delete function Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,06/19] ipe: introduce 'boot_verified' as a trust provider Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,05/19] initramfs|security: Add a security hook to do_populate_rootfs() Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,04/19] ipe: add LSM hooks on execution and kernel read Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,03/19] ipe: add evaluation loop Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,02/19] ipe: add policy parser Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
[RFC,v14,01/19] security: add ipe lsm Integrity Policy Enforcement LSM (IPE) - - - --- 2024-03-06 Fan Wu pcmoore Changes Requested
selftests/harness: Fix TEST_F()'s vfork handling selftests/harness: Fix TEST_F()'s vfork handling - 1 2 --- 2024-03-05 Mickaël Salaün Handled Elsewhere
[v1,2/2] selftests/harness: Merge TEST_F_FORK() into TEST_F() [v1,1/2] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() - - - --- 2024-03-05 Mickaël Salaün Handled Elsewhere
[v1,1/2] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() [v1,1/2] selftests/landlock: Redefine TEST_F() as TEST_F_FORK() - - - --- 2024-03-05 Mickaël Salaün Handled Elsewhere
xattr: restrict vfs_getxattr_alloc() allocation size xattr: restrict vfs_getxattr_alloc() allocation size 1 3 - --- 2024-03-05 Christian Brauner Handled Elsewhere
[next] integrity: Avoid -Wflex-array-member-not-at-end warnings [next] integrity: Avoid -Wflex-array-member-not-at-end warnings - - - --- 2024-03-04 Gustavo A. R. Silva Handled Elsewhere
[next] apparmor: remove useless static inline function is_deleted [next] apparmor: remove useless static inline function is_deleted - - - --- 2024-03-04 Colin Ian King Handled Elsewhere
[v2] proc: allow restricting /proc/pid/mem writes [v2] proc: allow restricting /proc/pid/mem writes - - - --- 2024-03-01 Adrian Ratiu Handled Elsewhere
[v2,7/7] kunit: Add tests for fault Handle faults in KUnit tests - 1 - --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[v2,6/7] kunit: Print last test location on fault Handle faults in KUnit tests - 1 - --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[v2,5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests Handle faults in KUnit tests - 2 - --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[v2,4/7] kunit: Handle test faults Handle faults in KUnit tests - 2 1 --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[v2,3/7] kunit: Fix timeout message Handle faults in KUnit tests - 3 - --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[v2,2/7] kunit: Fix kthread reference Handle faults in KUnit tests - 3 - --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[v2,1/7] kunit: Handle thread creation error Handle faults in KUnit tests - 3 - --- 2024-03-01 Mickaël Salaün Handled Elsewhere
[for,6.8] tomoyo: fix UAF write bug in tomoyo_write_control() [for,6.8] tomoyo: fix UAF write bug in tomoyo_write_control() - - - --- 2024-03-01 Tetsuo Handa Handled Elsewhere
« 1 2 ... 3 4 5155 156 »